Various forms of redundant access to packet switched networks such as Ethernet networks are presently known and used. Two or more network links are generally required to provide redundancy, and increased bandwidth capacity, between an Aggregation Access Element (AAE) and a Customer Equipment (CE). In some cases, the redundant links can appear on multiple AAEs. As network demands grow, there is likewise increasing demand for redundant access to packet switched network-based services.
Present ways of providing redundant access in a packet switched network include technologies such as Link Aggregation (LA) and/or Multiple Spanning Tree (MST) heuristics. Accordingly, traffic related to a given Virtual Connection (VC) can be distributed across more than one link, e.g., as is presently done when using Link Aggregation, or traffic for a given VC can be confined to a single link, e.g., as is presently done when using multiple spanning tree technology. A Load Sharing Algorithm (LSA) specific to the technology for redundant access, e.g., link aggregation or multiple spanning tree, is used to determine which packets are put onto which links.
Where link aggregation is used, a different load sharing algorithm may be used at the aggregation access element and the customer equipment for each direction of transmission. In other words, the load sharing algorithm used at the two ends of a transmission, e.g., AAE and CE, may be completely independent, i.e., there is no attempt to coordinate the load sharing algorithm at the two ends.
One example of a widely deployed load sharing algorithm today is the use of a hash function on the combination of the Media Access Control (MAC) Destination Address (DA) and/or Source Address (SA) of each Ethernet frame entering a Link Aggregation Group (LAG). Such MAC addresses are completely independent of the Virtual Connection Identifier (VCID) associated with a VC. A VCID typically uses a Virtual Local Area Network (VLAN) Identifier, sometimes referred to as a VID, to uniquely identify the VC. Thus, the load sharing algorithm may well result in different frames of the same VID being sent on different physical links in the link aggregation group.
The assignment of traffic to links based on a load sharing algorithm is not deterministic, i.e., the aggregation access element cannot predict on which link or links the traffic related to a given VC is carried at a particular interval in time. For example, a customer may have ordered 4 Mbps (megabits per second) of “Gold” service and, at 10:00 AM local time, 100% of the traffic on a given VC could appear on a first link, and at 10:01 AM local time, 25% of the traffic could appear on a second link and the other 75% of the traffic on a third link. However, policing at the aggregation access element is required to limit the rate of service traffic allowed into the packet switched network to the contracted rate for the service.
Current systems and methods for policing traffic over a VC use either a centralized or a distributed approach. The centralized approach typically uses a policer implemented per switch for all links on the aggregation access element. While this approach might be well suited for policing a given VC that is spread across multiple links, the drawback to a centralized policing architecture is that policing resources in a given switch are limited. For example, if an aggregation access element needs to police traffic for tens of thousands of services, a centralized architecture cannot work.
A distributed policing architecture typically uses policers associated with each link on an aggregation access element. This approach is required in large scale networks. While using dedicated policers per link solves the scalability issue, there is currently no effective technology available to coordinate the distributed policing of a given service that is spread across multiple links.
For the case where a given VC is spread across multiple links, a simple approach is to configure a policer on each link for the full value of the contracted bandwidth. This allows the customer to at least get his contracted bandwidth even if the traffic is confined to a single link. Re-consider the example briefly discussed above, where 4 Mbps of “Gold” service is dynamically spread across multiple (say 4) links. A 4 Mbps policer configured on each link would allow the customer to send at least 4 Mbps into the network at all times, but at any given point in time, the rate could go up to 16 Mbps. This could create unfair policies across customers and result in performance problems within the network. In addition, the lack of good bandwidth management results in poor utilization of the group of links, effectively reducing the capacity of the group to the capacity of a single link as is discussed further in the next paragraph. If, on the other hand, a 1 Mbps policer is configured on each of the four links, a customer having contracted for “Gold” service could possibly get only 1 Mbps through the network, at times when a load sharing algorithm is pushing all traffic onto just one link. This situation is unfair to the customer.
For the case where a given VC is confined to a single link, the situation is a bit simpler, but the AAE still cannot predict which of the links would be used at any given point in time. In this scenario, a full-rate policer could be configured on each link in the group, and the customer's traffic would be limited to the contracted rate. However, this results in inefficient utilization of the links, since admission control is typically tied to the policer rate. In the above example, each link would need to allow for 4 Mbps “Gold” service, which could appear on a first link at 10:00 AM local time and on a third link at 10:02 AM. The result is that the group of four links can only be provisioned as if it were the capacity of a single link. This is very inefficient.